Using CloudTrail S3 data events, it was possible to determine the AWS account ID of
any existing S3 bucket by calling any S3 API, getting denied, and looking at the value in the resource
key in err...
Mon, Jul 27th, 2020
Display of EC2 tags had XSS
Wed, Jul 1st, 2020
An attacker with access to a hostNetwork=true container with CAP_NET_RAW
capability can listen to all the traffic going through the host and inject arbitrary
traffic, allowing to tamper with most u...
Mon, Jun 15th, 2020